projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7e12c2b) | patch
Inherit hostflags verify params even without hosts
authorChristian Heimes <christian@python.org>
Tue, 30 Mar 2021 10:02:42 +0000 (12:02 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 21 May 2021 09:01:16 +0000 (11:01 +0200)
commitfdb4cbd20f50e60fc266d9de4b83890e995d3502
tree8759ef655b3de395d6e0e1b482575e6646856a9ftree | snapshot
parent7e12c2b3d9ccf97186e4d2cb27aafb084c893ce5commit | diff
Inherit hostflags verify params even without hosts

X509_VERIFY_PARAM_inherit() now copies hostflags independently of hosts.

Previously hostflags were only copied when at least one host was set.
Typically applications don't configure hosts on SSL_CTX. The change
enables applications to configure hostflags on SSL_CTX and have OpenSSL
copy the flags from SSL_CTX to SSL.

Fixes: https://github.com/openssl/openssl/issues/14579
Signed-off-by: Christian Heimes <christian@python.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14856)
crypto/x509/x509_vpm.c diff | blob | history
test/sslapitest.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.